3 - General model |
CEM-97/017 |
D R A F T
3.2.2Conduct
56 |
The conduct stage is the main part of the evaluation process (see Figure 3.3). |
|
During the conduct stage, the evaluator reviews the evaluation deliverables |
|
received from the sponsor or developer and performs the evaluator actions |
|
required by the assurance criteria. |
57 |
During the evaluation, the evaluator may generate observation reports. The |
|
evaluator may request clarification on the application of a requirement from the |
|
overseer using an observation report. This request could result in an interpretation |
|
of a requirement to ensure consistent application of the requirement in future |
|
evaluations. The evaluator may also use the observation report to identify a |
|
potential vulnerability or deficiency and to request additional information from the |
|
sponsor or the developer. The distribution of the observation reports may be |
|
further specified in the scheme. |
58 |
The overseer monitors the evaluation as required by the scheme. The evaluator |
|
produces the Evaluation Technical Report (ETR) which contains the overall |
|
verdict and the justification for the verdict. |
Page 14 of 24 |
Version 0.6 |
97/01/11 |
CEM-97/017 |
|
3 - General model |
D R A F |
T |
|
|
Developer |
|
observation reports |
|
observation reports |
evaluation deliverables |
|
evaluation deliverables |
evaluation deliverables |
||
Sponsor |
|
Evaluator |
observation reports |
||
|
|
interpretations |
|
|
observation reports |
|
Overseer |
|
Figure 3.3 - Conduct stage |
||
97/01/11 |
Version 0.6 |
Page 15 of 24 |